Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN647
_____________________________________________________________________

DATE                : 18/06/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cisco Identity Services Engine,
                     Cisco Umbrella Virtual Appliance,
                     Cisco Crosswork Network Controller,
                     Cisco Webex App, 
                     Cisco Catalyst SD-WAN Controller.

=====================================================================
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco
PSIRT on 2026-June-17.

The following PSIRT security advisories (1 Critical, 3 Medium) were
published at 16:00 UTC today.

Table of Contents:

1) Cisco Identity Services Engine Remote Code Execution and
Information Disclosure Vulnerabilities - SIR: Critical

2) Cisco Umbrella Virtual Appliance Privilege Escalation
Vulnerability
- SIR: Medium

3) Cisco Crosswork Network Controller Server-Side Template
Injection Vulnerability - SIR: Medium

4) Cisco Webex App Open Redirect Vulnerability - SIR: Medium

+--------------------------------------------------------------------

1) Cisco Identity Services Engine Remote Code Execution and
Information Disclosure Vulnerabilities

CVE-2026-20181, CVE-2026-20190

SIR: Critical

CVSS Score v(3.1): 9.1

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv"]

+--------------------------------------------------------------------

2) Cisco Umbrella Virtual Appliance Privilege Escalation
Vulnerability

CVE-2026-20246

SIR: Medium

CVSS Score v(3.1): 6.0

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-priv-esc-F4wJB7AU ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-priv-esc-F4wJB7AU"]

+--------------------------------------------------------------------

3) Cisco Crosswork Network Controller Server-Side Template
Injection Vulnerability

CVE-2026-20220

SIR: Medium

CVSS Score v(3.1): 6.3

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnc-inj-QNMeEmxk ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnc-inj-QNMeEmxk"]

+--------------------------------------------------------------------

4) Cisco Webex App Open Redirect Vulnerability

CVE-2026-20178

SIR: Medium

CVSS Score v(3.1): 4.3

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-redirect-KOyxhffH ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-redirect-KOyxhffH"]

_____________________________________________________________________

Below is the list of Cisco Critical Security Advisories published by
Cisco PSIRT on 2026-June-16.

The following PSIRT security advisories (2 Critical) were published
at 17:39 UTC today.

Table of Contents:

1) Cisco Catalyst SD-WAN Controller Authentication Bypass
Vulnerability - SIR: Critical

2) Cisco Catalyst SD-WAN Controller Authentication Bypass
Vulnerability - SIR: Critical

+--------------------------------------------------------------------

1) Cisco Catalyst SD-WAN Controller Authentication Bypass
Vulnerability

CVE-2026-20182

SIR: Critical

CVSS Score v(3.1): 10.0

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW"]

+--------------------------------------------------------------------

2) Cisco Catalyst SD-WAN Controller Authentication Bypass
Vulnerability

CVE-2026-20127

SIR: Critical

CVSS Score v(3.1): 10.0

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk"]

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================